What is a session?
A session is basically a way of storing variables and making them available across multiple pages on your web site.
We use the PHP super global $_SESSION to hold it.
We use the PHP super global $_SESSION to hold it.
Eg: $_SESSION['variable']
<?php
// begin the session
session_start();
// set the value of the session variable
$_SESSION['hello']='sudhir';
?>
// begin the session
session_start();
// set the value of the session variable
$_SESSION['hello']='sudhir';
?>
We can retriew this value on another page by this
<?php
// begin our session
session_start();
// echo the session variable
echo 'The value of hello is '.$_SESSION['hello'];
?>
// begin our session
session_start();
// echo the session variable
echo 'The value of hello is '.$_SESSION['hello'];
?>
This is often used to log out of applications that store the login information in a session.
You can use the code below to destroy your session completely.
You can use the code below to destroy your session completely.
<?php
// Begin the session
session_start();
// Unset all of the session variables.
session_unset();
// Begin the session
session_start();
// Unset all of the session variables.
session_unset();
// Destroy the session.
session_destroy();
?>
session_destroy();
?>
<?php
// begin the session
session_start();
// create an array
$my_array=array('cat', 'dog', 'mouse', 'bird', 'crocodile', 'wombat', 'koala', 'kangaroo');
// put the array in a session variable
$_SESSION['animals']=$my_array;
// begin the session
session_start();
// create an array
$my_array=array('cat', 'dog', 'mouse', 'bird', 'crocodile', 'wombat', 'koala', 'kangaroo');
// put the array in a session variable
$_SESSION['animals']=$my_array;
foreach($_SESSION['animals'] as $key=>$value)
{
// and print out the values
echo 'The value of $_SESSION['."'".$key."'".'] is '."'".$value."'".' <br />';
}
?>
Yes, using the following code we can include our class file as we would for any class.
In page1.php we will instantiate a new object and put it in a session variable.
Lets us create a simple class file to include in our page1 and page2 scripts,
we shall call it myclass.php
In page1.php we will instantiate a new object and put it in a session variable.
Lets us create a simple class file to include in our page1 and page2 scripts,
we shall call it myclass.php
<?php
// our class
class mySessionClass{
// The constructor, duh!
function __construct(){
}
// a function to set a property
function bar(){
return 'foo';
}
} // end of class
?>
// our class
class mySessionClass{
// The constructor, duh!
function __construct(){
}
// a function to set a property
function bar(){
return 'foo';
}
} // end of class
?>
In page1.php we include the class file and instantiate a new instance of the class directly into a session variable.
<?php
// include the class file
include('myclass.php');
// begin the session
session_start();
// instantiate a new instance of the class mySessionClass
$_SESSION['foo']= new mySessionClass;
// echo a little message to say it is done
echo 'Setting value of foo to an object';
?>
// include the class file
include('myclass.php');
// begin the session
session_start();
// instantiate a new instance of the class mySessionClass
$_SESSION['foo']= new mySessionClass;
// echo a little message to say it is done
echo 'Setting value of foo to an object';
?>
Now we have the object in a session variable, we can go on to page2.php and use methods from mySessionClass.
<?php
// include the class file
include('myclass.php');
// begin the session
session_start();
echo $_SESSION['foo']->bar();
?>
// include the class file
include('myclass.php');
// begin the session
session_start();
echo $_SESSION['foo']->bar();
?>
Important Note: You MUST include the class definition on *every page* when you store an object
<?php
// begin our session
session_start();
// set a session variable containing a function
$_SESSION['foo'] = '
<?php
function foo(){
echo "I am stored in a session function named foo";}
?>';
?>
<?php
// begin our session
session_start();
// evaluate the code within the session variable
eval('?>'.$_SESSION['foo']);
// run our stored function
foo();
?>
When do sessions expire?
The default behaviour for sessions is to keep a session open indefinitely and
only to expire a session when the browser is closed.
This behaviour can be changed in the php.ini file by altering the line
session.cookie_lifetime = 0
to a value in seconds. If you wanted the session to finish in 5 minutes you would set this to
session.cookie_lifetime = 300
and restart your httpd server.
In PHP there are two way to propagate a session id:
1.Cookies
2.URL parameter
Note: If the run-time option session.use_trans_sid is enabled, relative URIs will be changed to contain the session id automatically.
PHP sessions can also work without cookies in case cookies are disabled or rejected by the browser
PHP has a built-in mechanism called transparent session ids, which automagically rewrites all links to contain the session id in a query parameter. I would not suggest using it, since session ids in the URL open up a whole new can of worms.
How PHP sessions work without cookies
1. PHP will automatically add a hidden input tag with the name PHPSESSID right after the <form> tag.
The value of that hidden input tag would be whatever value PHP assigns your session ID.
<input type="hidden" value="<?php echo (session_id());?>" name="session_id">
2. PHP will find all the links in your HTML code, and will modify those links
<?php $_COOKIE[$_POST['session_name']]=$_POST['session_id'];?>
<a href="play3.php?session_id=<?php echo (session_id());?>">go to next page</>
only to expire a session when the browser is closed.
This behaviour can be changed in the php.ini file by altering the line
session.cookie_lifetime = 0
to a value in seconds. If you wanted the session to finish in 5 minutes you would set this to
session.cookie_lifetime = 300
and restart your httpd server.
Cookie
A cookie can
keep information in the user's browser until deleted. If a person has a login
and password, this can be set as a cookie in their browser so they do not have
to re-login to your website every time they visit. You can store almost
anything in a browser cookie.
The
setcookie() function is used to set a cookie.
Syntax
setcookie(name,
value, expire, path, domain);
<?php
$value = 'something from somewhere';
setcookie("TestCookie", $value);
setcookie("TestCookie", $value, time()+3600); /* expire in 1 hour */
setcookie("TestCookie", $value, time()+3600, "/~rasmus/", "example.com", 1);
?>
$value = 'something from somewhere';
setcookie("TestCookie", $value);
setcookie("TestCookie", $value, time()+3600); /* expire in 1 hour */
setcookie("TestCookie", $value, time()+3600, "/~rasmus/", "example.com", 1);
?>
<?php
// Print an individual cookie
echo $_COOKIE["TestCookie"];
echo $HTTP_COOKIE_VARS["TestCookie"];
// Another way to debug/test is to view all cookies
print_r($_COOKIE);
?>
// Print an individual cookie
echo $_COOKIE["TestCookie"];
echo $HTTP_COOKIE_VARS["TestCookie"];
// Another way to debug/test is to view all cookies
print_r($_COOKIE);
?>
Difference
between session & Cookies
The main difference
between a session and a cookie is that session data is stored on the server,
whereas cookies store data in the visitor’s browser. Sessions use a session
identifier to locate a particular user’s session data. This session identifier
is normally stored in the user’s web browser in a cookie, but the sensitive
data that needs to be more secure — like the user’s ID, name, etc. — will
always stay on the server. Session are secure then cookies.
1.Cookies
2.URL parameter
Note: If the run-time option session.use_trans_sid is enabled, relative URIs will be changed to contain the session id automatically.
PHP sessions can also work without cookies in case cookies are disabled or rejected by the browser
PHP has a built-in mechanism called transparent session ids, which automagically rewrites all links to contain the session id in a query parameter. I would not suggest using it, since session ids in the URL open up a whole new can of worms.
How PHP sessions work without cookies
1. PHP will automatically add a hidden input tag with the name PHPSESSID right after the <form> tag.
The value of that hidden input tag would be whatever value PHP assigns your session ID.
<input type="hidden" value="<?php echo (session_id());?>" name="session_id">
2. PHP will find all the links in your HTML code, and will modify those links
<?php $_COOKIE[$_POST['session_name']]=$_POST['session_id'];?>
<a href="play3.php?session_id=<?php echo (session_id());?>">go to next page</>
No comments:
Post a Comment